added secrets to distributed swarm minio (#4374)

This commit is contained in:
morph027 2017-05-22 20:30:30 +02:00 committed by Harshavardhana
parent 348aa6566c
commit 9136734c02
2 changed files with 105 additions and 4 deletions

View File

@ -24,13 +24,21 @@ docker swarm init --advertise-addr <MANAGER-IP>
After the manager is up, [add worker nodes](https://docs.docker.com/engine/swarm/swarm-tutorial/add-nodes/) to the Swarm. Find detailed steps to create the Swarm on [Docker documentation site](https://docs.docker.com/engine/swarm/swarm-tutorial/create-swarm/). After the manager is up, [add worker nodes](https://docs.docker.com/engine/swarm/swarm-tutorial/add-nodes/) to the Swarm. Find detailed steps to create the Swarm on [Docker documentation site](https://docs.docker.com/engine/swarm/swarm-tutorial/create-swarm/).
## 3. Deploy distributed Minio services ## 3. Create Docker secrets for Minio
Download the [Docker Compose file](https://github.com/minio/minio/blob/master/docs/orchestration/docker-swarm/docker-compose.yaml?raw=true) on your Swarm master. Then execute the command
```shell ```shell
docker stack deploy --compose-file=docker-compose.yaml minio_stack echo "AKIAIOSFODNN7EXAMPLE" | docker secret create access_key -
echo "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" | docker secret create secret_key -
``` ```
## 4. Deploy distributed Minio services
Download the [Docker Compose file](https://github.com/minio/minio/blob/master/docs/orchestration/docker-swarm/docker-compose-secrets.yaml?raw=true) on your Swarm master. Then execute the command
```shell
docker stack deploy --compose-file=docker-compose-secrets.yaml minio_stack
```
This deploys services described in the Compose file as Docker stack `minio_stack`. Look up the `docker stack` [command reference](https://docs.docker.com/engine/reference/commandline/stack/) for more info. This deploys services described in the Compose file as Docker stack `minio_stack`. Look up the `docker stack` [command reference](https://docs.docker.com/engine/reference/commandline/stack/) for more info.
After the stack is successfully deployed, you should be able to access Minio server via [Minio Client](https://docs.minio.io/docs/minio-client-complete-guide) `mc` or your browser at http://[Node_Public_IP_Address]:[Expose_Port_on_Host] After the stack is successfully deployed, you should be able to access Minio server via [Minio Client](https://docs.minio.io/docs/minio-client-complete-guide) `mc` or your browser at http://[Node_Public_IP_Address]:[Expose_Port_on_Host]

View File

@ -0,0 +1,93 @@
version: '3.1'
services:
minio1:
image: minio/minio:RELEASE.2017-05-05T01-14-51Z
volumes:
- minio1-data:/export
ports:
- "9001:9000"
networks:
- minio_distributed
deploy:
restart_policy:
delay: 10s
max_attempts: 10
window: 60s
command: server http://minio1/export http://minio2/export http://minio3/export http://minio4/export
secrets:
- secret_key
- access_key
minio2:
image: minio/minio:RELEASE.2017-05-05T01-14-51Z
volumes:
- minio2-data:/export
ports:
- "9002:9000"
networks:
- minio_distributed
deploy:
restart_policy:
delay: 10s
max_attempts: 10
window: 60s
command: server http://minio1/export http://minio2/export http://minio3/export http://minio4/export
secrets:
- secret_key
- access_key
minio3:
image: minio/minio:RELEASE.2017-05-05T01-14-51Z
volumes:
- minio3-data:/export
ports:
- "9003:9000"
networks:
- minio_distributed
deploy:
restart_policy:
delay: 10s
max_attempts: 10
window: 60s
command: server http://minio1/export http://minio2/export http://minio3/export http://minio4/export
secrets:
- secret_key
- access_key
minio4:
image: minio/minio:RELEASE.2017-05-05T01-14-51Z
volumes:
- minio4-data:/export
ports:
- "9004:9000"
networks:
- minio_distributed
deploy:
restart_policy:
delay: 10s
max_attempts: 10
window: 60s
command: server http://minio1/export http://minio2/export http://minio3/export http://minio4/export
secrets:
- secret_key
- access_key
volumes:
minio1-data:
minio2-data:
minio3-data:
minio4-data:
networks:
minio_distributed:
driver: overlay
secrets:
secret_key:
external: true
access_key:
external: true